Solved

Microsoft Exchange Server Installed on a Member Server

Posted on 2009-04-10
6
248 Views
Last Modified: 2012-05-06
I'm installing Microsoft Exchange 2000 on a Microsoft 2000 Server and the server will be located in the DMZ of our filewall.  My question is can the Microsoft 2000 Server be a member server or does this server have to be an active directory domain controller?
0
Comment
Question by:jnelipowitz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 10

Expert Comment

by:ashwin_kumar525
ID: 24117084
As long as it can contact a Domain Controller, it is fine where you keep it.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24117237
Although whatever your reasons for wanting to put the machine in the DMZ, I can guarantee that they are wrong. There are no good reasons for putting an Exchange server in the DMZ, certainly not a Windows 2000/Exchange 2000 system which cannot defend itself from even the most basic of attacks (directory harvest).

Why are you putting this server in the DMZ? What is its purpose in there?
If it is for anything "security" related then you have been misguided.

Simon.
0
 

Author Comment

by:jnelipowitz
ID: 24117331
My understanding is that our existing Exchange 5.5 Server was place in the DMZ of our Cisco 515e PIX firewall for security.  The DMZ is a separate subnet that can not be contacted by the Domain Controller.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 65

Expert Comment

by:Mestha
ID: 24117366
The security reason is completely false. Putting an Exchange server does not improve your security in any shape or form. It actually reduces your security. Due to the way that Exchange works, it needs to constantly communicate with a domain controller, that domain controller needs to be the same one as the main backend server. If your DMZ cannot see the production network then you cannot run Exchange in the DMZ.

What does the server actually do/will do? SMTP, OWA, something else?

Simon.
0
 

Author Comment

by:jnelipowitz
ID: 24117578
It will be a standard Exchange 2000 server with the SMTP connector.  
0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24117762
What is going to do though? Is it just to pass email through?
If so then you would be better off with a regular Windows 2003 server and a copy of Vamsoft ORF. You can then open two ports only between the DMZ and the production network (25 for SMTP email and the LDAP port).
Cheaper than an Exchange license and doesn't require the machine to be a member of the domain.

http://www.amset.info/exchange/gateway.asp

Simon.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question